Can't access internal network from VPN using PIX 506E
Hello,
I seem to be having an issue with my PIX configuration. I can ping the VPN client from the the internal network, but can cannot access any resources from the vpn client. My running configuration is as follows:
Building configuration...
: Saved
PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password N/JZnmeC2l5j3YTN encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname SwantonFw2
domain-name *****.com
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list outside_access_in permit icmp any any
access-list allow_ping permit icmp any any echo-reply
access-list allow_ping permit icmp any any unreachable
access-list allow_ping permit icmp any any time-exceeded
access-list INSIDE-IN permit tcp interface inside interface outside
access-list INSIDE-IN permit udp any any eq domain
access-list INSIDE-IN permit tcp any any eq www
access-list INSIDE-IN permit tcp any any eq ftp
access-list INSIDE-IN permit icmp any any echo
access-list INSIDE-IN permit tcp any any eq https
access-list inside_outbound_nat0_acl permit ip 192.168.0.0 255.255.255.0 192.168.240.0 255.255.255.0
access-list swanton_splitTunnelAcl permit ip any any
access-list outside_cryptomap_dyn_20 permit ip any 192.168.240.0 255.255.255.0
no pager
mtu outside 1500
mtu inside 1500
ip address outside 192.168.1.150 255.255.255.0
ip address inside 192.168.0.35 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool VPN_Pool 192.168.240.1-192.168.240.254
pdm location 0.0.0.0 255.255.255.0 outside
pdm location 192.168.1.26 255.255.255.255 outside
pdm location 192.168.240.0 255.255.255.0 outside
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 1 192.168.0.0 255.255.255.0 0 0
access-group outside_access_in in interface outside
access-group INSIDE-IN in interface inside
route outside 0.0.0.0 0.0.0.0 192.168.1.1 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 192.168.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map client authentication LOCAL
crypto map outside_map interface outside
isakmp enable outside
isakmp identity address
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup swanton address-pool VPN_Pool
vpngroup swanton dns-server 192.168.1.1
vpngroup swanton split-tunnel swanton_splitTunnelAcl
vpngroup swanton idle-time 1800
vpngroup swanton password ********
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.0.36-192.168.0.254 inside
dhcpd dns 8.8.8.8 8.8.4.4
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside
username scott password hwDnqhIenLiwIr9B encrypted privilege 15
username norm password ET3skotcnISwb3MV encrypted privilege 2
username tarmbrecht password Zre8euXN6HxXaSdE encrypted privilege 2
username jlillevik password 9JMTvNZm3dLhQM/W encrypted privilege 2
username ruralogic password 49ikl05C8VE6k1jG encrypted privilege 15
username bzeiter password 1XjpdpkwnSENzfQ0 encrypted privilege 2
username mwalla password l5frk9obrNMGOiOD encrypted privilege 2
username heavyfab1 password 6.yy0ys7BifWsa9k encrypted privilege 2
username heavyfab3 password 6.yy0ys7BifWsa9k encrypted privilege 2
username heavyfab2 password 6.yy0ys7BifWsa9k encrypted privilege 2
username djet password wj13fSF4BPQzUzB8 encrypted privilege 2
username cmorgan password y/NeUfNKehh/Vzj6 encrypted privilege 2
username cmayfield password Pe/felGx7VQ3I7ls encrypted privilege 2
username jeffg password zQEQceRITRrO4wJa encrypted privilege 2
terminal width 80
Cryptochecksum:9005f35a85fa5fe31dab579bbb1428c8
: end
[OK]
Any help will be greatly appreciated
Bj,
Are you trying to access network resources behind the inside interface?
ip address inside 192.168.0.35 255.255.255.0
If so, please make the following changes:
1- access-list SWANTON_VPN_SPLIT permit ip 192.168.0.0 255.255.255.0 192.168.240.0 255.255.255.0
2- no vpngroup swanton split-tunnel swanton_splitTunnelAcl
vpngroup swanton split-tunnel SWANTON_VPN_SPLIT
3- no access-list outside_cryptomap_dyn_20 permit ip any 192.168.240.0 255.255.255.0
4- isakmp nat-traversal 30
Let me know how it goes.
Portu.
Please rate any helpful posts
Similar Messages
-
Can not ping internal network from ASA
I can not ping internal computer from ASA. Comp IP address 192.168.187.15, gateway is 192.168.187.14 which is ASA internal interface. I've got an IP Phone connected to the same ASA with Ip address 192.168.185.15 and internal ASA interface 192.168.185.14 and everything works fine. We are doing testing, do not be surprised of configuration.
ASA Version 8.2(1)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
dns-guard
interface GigabitEthernet0/0
nameif ouside3
security-level 0
ip address 10.254.17.25 255.255.255.248
interface GigabitEthernet0/1
nameif outside
security-level 0
ip address 10.254.17.9 255.255.255.248
interface GigabitEthernet0/2
nameif Lan
security-level 100
ip address 192.168.185.14 255.255.255.0
interface GigabitEthernet0/3
nameif comp
security-level 50
ip address 192.168.187.14 255.255.255.0
interface Management0/0
nameif management
security-level 100
no ip address
management-only
boot system disk0:/asa821-k8.bin
ftp mode passive
access-list 110 extended permit ip any any
access-list nat extended permit ip any any
access-list allow_ping extended permit icmp any any echo-reply
access-list allow_ping extended permit icmp any any source-quench
access-list allow_ping extended permit icmp any any unreachable
access-list allow_ping extended permit icmp any any time-exceeded
access-list allow_ping extended permit udp any any eq isakmp
access-list allow_ping extended permit esp any any
access-list allow_ping extended permit ah any any
access-list allow_ping extended permit gre any any
access-list nonat extended permit ip any any
access-list nat2 extended permit ip any any
access-list nonat2 extended permit ip any any
pager lines 24
logging asdm informational
mtu ouside3 1500
mtu outside 1500
mtu Lan 1500
mtu comp 1500
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (Lan) 0 access-list nonat
nat (Lan) 1 access-list nat
nat (comp) 0 access-list nonat
nat (comp) 1 access-list nat
access-group allow_ping in interface outside
router eigrp 2008
neighbor 10.254.17.10 interface outside
network 10.254.17.8 255.255.255.248
network 192.168.185.0 255.255.255.0
network 192.168.187.0 255.255.255.0
route outside 0.0.0.0 0.0.0.0 10.254.17.10 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map mymap 10 match address 110
crypto map mymap 10 set peer 10.254.17.10
crypto map mymap 10 set transform-set myset
crypto map mymap interface outside
crypto map mymap2 20 match address 110
crypto map mymap2 20 set peer 10.254.17.18
crypto map mymap2 20 set transform-set myset
crypto map mymap2 interface comp
crypto map mymap3 30 match address 110
crypto map mymap3 30 set peer 10.254.17.26
crypto map mymap3 30 set transform-set myset
crypto map mymap3 interface ouside3
crypto isakmp identity address
crypto isakmp enable ouside3
crypto isakmp enable outside
crypto isakmp enable comp
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 28800
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
priority-queue outside
threat-detection basic-threatThis is what I get, looks like ASA does not reply. Why?
ciscoasa# sh capture cpi
5 packets captured
1: 05:20:14.494908 192.168.187.15 > 192.168.187.14: icmp: echo request
2: 05:20:19.526935 192.168.187.15 > 192.168.187.14: icmp: echo request
3: 05:20:25.026320 192.168.187.15 > 192.168.187.14: icmp: echo request
4: 05:20:30.525699 192.168.187.15 > 192.168.187.14: icmp: echo request
5: 05:20:36.025084 192.168.187.15 > 192.168.187.14: icmp: echo request -
Can't Access Internal Servers From Behind An ASA 5505
Hi all.
I am having some trouble accessing some backup Email (Outlook Web Access) and Citrix servers located behind an ASA 5505 firewall at a remote datacentre. Simply put, when I go to the specific URL (e.g. https://citrixdr.xxx.co.uk) I do not arrive at the splash page, I just get a message saying that the server took too long to respond in the web browser. I'm wondering whether I have missed something on the configuraiton or the firewall itself is not letting my requests through.
The remote servers are located at a remote Disaster Recovery site and use the subnet 192.168.4.0/24. I am at head office which is connected to the DR site via a VPN using 192.168.1.0/24.
My running configuration is below, if anyone could have a browse through it it would be much appreciated.
LM-DR-ASA5505# show run
: Saved
ASA Version 8.2(5)
hostname xxx
domain-name xxx.local
enable password 9tc.bMMQOdcEzWlK encrypted
passwd zh5kKKD1zRf47kwr encrypted
names
name 216.82.240.0 MLT1
name 67.219.240.0 MLT2
name 85.158.136.0 MLT3
name 95.131.104.0 MLT4
name 46.226.48.0 MLT5
name 117.120.16.0 MLT6
name 193.109.254.0 MLT7
name 194.106.220.0 MLT8
name 195.245.230.0 MLT9
name 103.3.96.0 MLT10
name xxx.xxx.xxx.xxx citrixdr.xxx.co.uk
name xxx.xxx.xxx.xxx maildr.xxx.co.uk
name xxx.xxx.xxx.xxx webmaildr.xxx.co.uk
name 192.168.4.23 LON-EXCH-03
name 192.168.4.30 Citrix-Access-Gateway
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.4.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address xxx.xxx.xxx.xxx 255.255.255.248
ftp mode passive
dns server-group DefaultDNS
domain-name xxx.local
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group service DM-INLINE-SERVICE
service-object icmp
service-object tcp eq www
service-object tcp eq https
object-group network VPN-REMOTE
network-object 192.168.1.0 255.255.255.0
object-group protocol PROTOCOL-LIST
protocol-object ip
protocol-object icmp
protocol-object pim
protocol-object pcp
protocol-object snp
protocol-object udp
protocol-object igmp
protocol-object ipinip
protocol-object gre
protocol-object esp
protocol-object ah
protocol-object tcp
protocol-object eigrp
protocol-object ospf
protocol-object igrp
protocol-object nos
object-group service DM-INLINE-TCP-1 tcp
port-object eq https
port-object eq smtp
object-group service DM-INLINE-TCP-2 tcp
port-object eq www
port-object eq https
object-group network MESSAGE-LABS-TOWERS
network-object MLT1 255.255.240.0
network-object MLT2 255.255.240.0
network-object MLT3 255.255.248.0
network-object MLT4 255.255.248.0
network-object MLT5 255.255.248.0
network-object MLT6 255.255.248.0
network-object MLT7 255.255.254.0
network-object MLT8 255.255.254.0
network-object MLT9 255.255.254.0
network-object MLT10 255.255.252.0
access-list inside-access-in extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list inside-access-in extended permit ip any any
access-list inside-access-in extended permit ip 192.168.4.0 255.255.255.0 any
access-list inside-access-in extended permit icmp any any
access-list outside-access-in extended permit object-group DM-INLINE-SERVICE any any
access-list outside-access-in extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list outside-access-in extended permit icmp 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list outside-access-in extended permit tcp any host webmaildr.xxx.co.uk object-group DM-INLINE-TCP-2
access-list outside-access-in extended permit tcp any host maildr.xxx.co.uk object-group DM-INLINE-TCP-1
access-list outside-access-in extended permit tcp any host citrixdr.xxx.co.uk eq https
access-list outside-access-in extended permit tcp object-group MESSAGE-LABS-TOWERS host LON-EXCH-03 eq smtp
access-list outside-1-cryptomap extended permit ip 192.168.4.0 255.255.255.0 host xxx.xxx.xxx.xxx
access-list outside-1-cryptomap extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list 101 extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list inside-nat0-outbound extended permit ip 192.168.4.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list testcap extended permit icmp host 192.168.1.11 host 192.168.4.1
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside-nat0-outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp citrixdr.xxx.co.uk https Citrix-Access-Gateway https netmask 255.255.255.255
static (inside,outside) tcp maildr.xxx.co.uk smtp LON-EXCH-03 smtp netmask 255.255.255.255
static (inside,outside) tcp webmaildr.xxx.co.uk https LON-EXCH-03 https netmask 255.255.255.255
access-group inside-access-in in interface inside
access-group outside-access-in in interface outside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
route outside 192.168.1.0 255.255.255.0 xxx.xxx.xxx.xxx 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http xxx.xxx.xxx.xxx 255.255.255.255 outside
http 192.168.4.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map outside-map 1 match address outside-1-cryptomap
crypto map outside-map 1 set peer xxx.xxx.xxx.xxx
crypto map outside-map 1 set transform-set ESP-3DES-SHA
crypto map outside-map interface outside
crypto isakmp enable inside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 192.168.1.0 255.255.255.0 inside
telnet 192.168.4.0 255.255.255.0 inside
telnet 0.0.0.0 0.0.0.0 inside
telnet xxx.xxx.xxx.xxx 255.255.255.255 outside
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh 192.168.4.0 255.255.255.0 inside
ssh xxx.xxx.xxx.xxx 255.255.255.255 outside
ssh xxx.xxx.xxx.xxx 255.255.255.255 outside
ssh xxx.xxx.xxx.xxx 255.255.255.255 outside
ssh timeout 5
ssh version 2
console timeout 0
management-access inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
username xxx password LUZB8j2zj03xvSeF encrypted
username xxx password RxEDmrZ7KCRzPu4T encrypted
tunnel-group xxx.xxx.xxx.xxx type ipsec-l2l
tunnel-group xxx.xxx.xxx.xxx ipsec-attributes
pre-shared-key *****
class-map inspection_default
policy-map global_policy
class inspection_default
inspect icmp
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:61e54b16fb87f1e6fa3b8d520e87ddc0
: endHi Jouni, thanks for your response.
Turns out that the Citrix Access Gateway wasn't set up until yesterday evening and by then I had stopped trying for the day. It is now set up and external access is available.
Further to this, my colleague forgot to inform me of the change of I.P. address of the Exchange server. This meant that Webmail requests were pointing to an I.P. address that didn't exist.
I have reconfigured the firewall this morning and external access for Webmail is also working correctly. -
Can't access work IMAP from home
Hi
We're running mail service (IMAP) on OS X Server 10.3.9 at the office. Everything works fine when I'm on the network locally - I can send and receive external emails etc.
However, I can't access the server from home using either the domain name or IP address. I used to be able to but we've recently changed ISP & router and I'm not sure if this has affected it. I assume the MX records for the domain are fine since we can send and receive.
I'm not really an IT admin-type guy (it's just kinda become my responsibility) so I don't fully understand DNS, local domains etc.
If anybody has any pointers, I'd really appreciate it.
Thanks
Ian
Mac OS X (10.3.9)
PowerBook G4 1.5 Mac OS X (10.4.8)
Mac OS X (10.4.8)Everything works fine when I'm on the network locally - I can send and receive external emails etc.
However, I can't access the server from home using either the domain name or IP address. I used to be able to but we've recently changed ISP & router and I'm not sure if this has affected it.
DNS Basics: the DNS server basically resolves a 'name' to an IP address. E.g. mail.mydomain.com to the IP address of the mailserver.
When you are inside the local network (LAN), your computers probably find the server using a local IP address. When you are outside the LAN, then your computer will find it EITHER by using the public IP address of your firewall OR using a name which will resolve to the same.
Since it worked before you changed ISPs, I'm guessing that you had it set explicitly to the WAN IP address. This will have changed with the change of ISP.
Easiest way to fix this is to use the same host name as you MX record is set to. So if your MX record is mail.mydomain.com then use this as it is obviously resolving to the IP address of your mail server (or more exactly, the IP address of your firewall).
NEXT, since your router has also changed (and I presume this is also your firewall) then you need to ensure that the imap port required (143) is open and port-forwarding to the internal IP address of the mail server.
-david
Server 10.4.8 -
I have recently got a Time Capsule with my Macbook pro retina 15". I am trying to setup my time capsule as a wifi station at my home. But the thing is I can only access wifi from my lap only.
How can I share my network from timecapsule to other devices, and im using OS X 10.8.2
Please help me!
Thanks in advance!
(sorry for the bad english)How is the TC currently connected into the network?
It should work fine in bridge and create a wireless network.. it should already be able to share the network without being the main router.
Setting up wireless from wireless is difficult.
I would recommend you buy the USB to ethernet cable Apple sell as an accessory for Air and MBPr so you can actually use ethernet when required. -
I saved photos from my Macbook Pro onto my Iphone (using itunes, 4 years ago). My macbook is now dead and I need to get the photos I saved off of my iphone 3GS transferred to a pc. Any help... From my PC I can only access "internal storage"
The iphone is not a storage/backup device. The picture sycn is one way - computer to iphone. The photos are also reduced in size when synced to iphone so they are not of the original quality
It has always been very basic to always maintain a backup of your computer.
Have you failed to do this?
If so, not good at all, you can e-mail the pics to yourself - keep in mind they will never be of the original quality -
I have an Azure Virtual Network that has a virtual machine acting like an app server running some legacy applications that is writing some files to a folder that is shared.
This shared folder is accessible from other virtual machines within that virtual network without issue.
The problem I am having is that I have an Azure Web Role that is also attached to the above
Azure Virtual Network that is unable to access the shared folder. I know the web role can see the app server as it is able to ping the IP of the machine.
There is some code that needs access to the shared folder to process some of the files that is stored there, but the code won't run because it can not access these files. I used Remote Desktop to see if I could ping the machine, and I can, but I cannot navigate
to the path in file explorer due to access being denied.
Can anyone offer any advice or tips to point me in the right direction to gain access to this shared folder from my Azure Web Role?Hi Robert,
Thanks for your posting!
Form your descirpiton, I suggest you can refer to Tom Zhang's solution via this
link:
1. Enable Remote Desktop. (You have done this step)
2. RDP to one instance of your service. Open up IIS Manager and set the application pool identity to use the account that we used for RDP.
3. On on-premise local machine, right click "My Computer' and select "Manage". Add a new account with the same account name and password as we specified for Remote Desktop.
4. Give the new account necessary permissions to write file to the shared folder. (I think you have done this step too)
5. Try running the code again and see if it works.
6. If it still says "access to path <folder path located on local machine> is denied". Please check the permission of the shared folder again.
7. If it works, then the next step is to configure the application pool identity using Startup Task instead of using Remote Desktop (See the suggestion inhttp://social.technet.microsoft.com/Forums/en-US/windowsazuresecurity/thread/247ba75e-87d9-497c-9ec6-1fd4e2c7ff90).
But I still recommend you enable Remote Desktop for your web role to check if the Startup Task has successfully configured the application pool identity or not.
Regards,
Will
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
ASA 5505 VPN can't access connected network
I have an ASA 5505 with ipsec VPN configured on it. I am able to connect to the ASA but I can't ping a connected network. I get a dhcp assigned address in the network I am trying to reach but can't access that network on Vlan5. Please help.
I attached the config.I think final questions, can you have two nat statements that point to the same acl ie.
access-list no_nat extended permit ip 192.168.9.0 255.255.255.0 192.168.0.0 255.255.255.0
access-list no_nat extended permit ip 192.168.9.0 255.255.255.0 172.31.1.0 255.255.255.0
access-list no_nat extended permit ip 192.168.5.0 255.255.255.0 192.168.5.0 255.255.255.0
nat (inside) 0 access-list no_nat
nat (inside) 1 192.168.9.0 255.255.255.0
nat (fw-civic) 0 access-list no_nat
nat (fw-civic) 1 192.168.5.0 255.255.255.0
Or do I need to create a new acl for the fw-civic interface?
Thanks -
HT4759 I can't access my mail from my iphone using os 3.13
I have the original iphone running os3.13.
I can't access my mail from this phone.
I switched my mac book pro to icloud and now I can't request to keep my mail account on my iphone.
What do I do?
CCDelete your mail account from Mail preferences and set it up again using the Mail Server Information.
-
Can you access Time Capsule From any where, or do you have to be on the same network
Can you access Time Capsule From any where, or do you have to be on the same network
check out the post by Tesserax in this discussion.
-
I am unable to re-install itunes. The installer starts ok and then indicates that it can not access a network !! I have tried to uninstall but get the sme error message. I have used 3rd party software to uninstal but still have no joy. My pc is running Vista.
Can you anyone offer a working solution ?Many thanks.
Let's try the fixit from the following Microsoft document with that one:
Fix problems with programs that can't be installed or uninstalled -
I've tried everything but can't access iTunes store from my ipad. Apple ID is fine and logged in to iTunes on pc. Still no luck. Anyone any other alternatives? Thx.
You may think you are connected to the internet, but maybe not. Click on Safari and see if it connects.
Look at iOS Troubleshooting Wi-Fi networks and connections http://support.apple.com/kb/TS1398
iPad: Issues connecting to Wi-Fi networks http://support.apple.com/kb/ts3304
iOS: Recommended settings for Wi-Fi routers and access points http://support.apple.com/kb/HT4199
Additional things to try.
Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
Change the channel on your wireless router (Auto or Channel 6 is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
How to Quickly Fix iPad 3 Wi-Fi Reception Problems
http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
If none of the above suggestions work, look at this link.
iPad Wi-Fi Problems: Comprehensive List of Fixes
http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
Fix iPad Wifi Connection and Signal Issues http://www.youtube.com/watch?v=uwWtIG5jUxE
Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
Unable to Connect After iOS Update - saw this solution on another post.
https://discussions.apple.com/thread/4010130
Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
~~~~~~~~~~~~~~~
If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
The Complete Guide to Using the iTunes Store
http://www.ilounge.com/index.php/articles/comments/the-complete-guide-to-using-t he-itunes-store/
Can't connect to the iTunes Store
http://support.apple.com/kb/TS1368
iTunes: Advanced iTunes Store troubleshooting
http://support.apple.com/kb/TS3297
This works for some users. Not sure why.
Go to Settings>General>Date and Time> Set Automatically>Off. Set the date ahead by about a year.Then see if you can connect to the store.
Cheers, Tom -
Can't access my dvr from safari
Hi,
I have a problem with safari. I can't access my dvr from the browser.
After I sign in to my dvr webpage this message comes instead of loading java: The requested URL was not found on this server
I have this message when I try with Mozilla:
CacheEntry[http://xx.xxx.xx.xx/application.jar]: updateAvailable=false,lastModified=Thu Jan 01 01:00:00 CET 1970,length=40266
Missing Application-Name manifest attribute for: http://xx.xxx.xx.xx/application.jar
Missing Permissions manifest attribute in main jar: http://xx.xxx.xx.xx/application.jar
java.io.FileNotFoundException: abc (Permission denied)
Thanks in advance for any help you can provide!Sorry... I didn't realize that this problem was common, not rare.
I remove the Discussion-related cookies and restarted. I did get to the sign-in page this time, but after clicking the sign-in button, I got "An Internal Server Error Has Occurred." (Nothing else on the page.)
I decided to check cookies again, and the same ones that I eliminated were back again. Needless to say, repeating the exercise didn't work.
Resetting Safari is out of the question. I have years worth of settings and cookies stored there for a good reason, and I'm not going to start over from scratch. I can't imagine why anyone would, unless they have a whole lot of time on their hands.
So... I've decided that this is Apple's problem. If I need Apple Discussions I'll use a browser that works.. which apparently is every browser except Safari. Now that's ironic! -
Can't access my mac from another computer
Ok, i have been able to access my G5 mac using Tiger from my G4 PB using tiger in the past.
I installed Leporad (family pack) on both machines. Now i can't access the G5 from the PB. the settings use to be correct. I kind of gave up, but i just would never get the log in or see the G5.
Today, i finally had the oppurtunity to try using the Back to My Mac feature. My G5 was on at home and i had a wireless connection at work and needed a file on my G5. so i went to the shared section in the side bar and it wasn't there to access.
When i got home i tried again. This time i could see the G5 in the side bar, but could not tell if it was through the internet or if i was seeing it through my wireless network.
when i tried to access using the back to my mac by clicking on the shared volume in the side bar, i could not access it, it finally gave me an error message saying that the server may not be available.
the weird thing is, if i choose to share screen, i could access the G5. I would get a log in window and log in no problem.
the setting in my shared preference seem to be the same for both computers.
any idea where to start on figuring this out.Today, i finally had the oppurtunity to try using the Back to My Mac feature. My G5 was on at home and i had a wireless connection at work and needed a file on my G5. so i went to the shared section in the side bar and it wasn't there to access.
Do you have a .Mac account? And are both Macs setup to use the .Mac account? Without a .Mac account, the Back-to-My-Mac feature is not going to work, as you need .Mac to act as the middle man in establishing the connection.
In addition, does your work have a corporate firewall? If it does, they most likely block the networking ports that BTMM uses.
When i got home i tried again. This time i could see the G5 in the side bar, but could not tell if it was through the internet or if i was seeing it through my wireless network.
Very likely this is local LAN via Bonjour.
when i tried to access using the back to my mac by clicking on the shared volume in the side bar, i could not access it, it finally gave me an error message saying that the server may not be available.
Do you have your Firewall enabled? Security System Preferences
Did you enable Screen Sharing (I'm guessing you did, but I figure it is worth asking) Sharing System Preferences
NOTE: I do not have a .Mac account, and my use of Screen Sharing has been just one or 2 experiments, but I figured I could at least ask some questions that might uncover something useful. -
Computer crashed and got a new one, but can't access previous purchases from iTunes.
My PC crashed and I got a Mac, I can't get my old purchases from the iTunes store onto my new computer. Is there a way to get my purchases from the iTunes store on my new computer? It's showing all the songs/videos I bought but I can't access them.
daffydaf2010 wrote:
My PC crashed and I got a Mac...
Welcome to the club
I can't get my old purchases from the iTunes store onto my new computer. Is there a way to get my purchases from the iTunes store on my new computer? It's showing all the songs/videos I bought but I can't access them.
When you purchase content from the iTunes Store it's downloaded to the storage/hard drive of the computer you purchased them on. You should have made a backup like iTunes warns you to do.
However there is some hope, I can instruct you how to recover your content from the hard drive of the dead PC, provided the hard drive ITSELF still mechanically works and if your willing to perhaps spend some money and get your hands a bit dirty.
Recovery option:
I'm going to assume here that the PC is dead, either mechanically or the computer won't boot from the hard drive and you are willing to extract the hard drive from the computer and see if it works to get your data off.
Be gentle, disconnect the power and remove the battery before carefully opening up the PC to remove the drive.
Once you got the drive out there is a powered IDE/SATA to USB adapter for sale online for $20 that you can take that internal hard drive and use it like a external drive to access your files from another Windows machine.
Your attempting to access a Windows NTFS drive from a Mac which can't read it, you need Paragons's NTFS for Mac® OS X software installed on the Mac first before hooking up the NTFS Windows formatted drive.
Once you do that, you should be able to navigate to your Windows/Music folder and transfer the whole iTunes folder directly to the Mac desktop and also recover any other files you need as well.
Good Luck
Maybe you are looking for
-
Multiple devices on the same iTunes account
I have an iTouch Gen 4 and will be getting an iPhone 5s. Is it possible to have both devices on the same account (same Apple ID) with music on one device and apps on the other? Possibly sharing a couple of same apps between the two devices.
-
Why do I have time machine disk problem after closing and later reopening clamshell.
I consistently see the following after closing and later reopening my Macbook Pro (5,1). I have to unplug and replug my Time Machine USB drive. The only thing new is Mountain Lion. The Time Machine disk has 229 GB free of 1.5 TB. I never had to unplu
-
Embed an external PDF file into the XML
Dear All, We have a program which creates the XML file on the Application server when we execute it. My requirement is to Embed an external PDF file into the XML file while generating it through program from SAP. Please let me know how this is possib
-
It's been a week since I dropped my iPhone in toilet. I dried it and even tried putting in bowl of rice. It works fine but external sounds only work intermittently. Is a replacement in order?
-
How to show masked links in PDF when printing?
Hello Ive got a PDF where some hyperlinks are masked behind certain words. For digital use of this document this is fine. However when printing I would like to have the full link to be printed (eg as a comment or on top of the word which contains the